The sharing of a memory in a device of the aforementioned type raises various problems when a certain degree of security is sought as regards to data stored in the memory. Since the device's components can be arranged on the same support, or at least in the same housing and are, therefore, physically accessible, such devices are subject to attacks by malicious actors who may try to take control of a functional entity for accessing the memory area allocated to another functional entity. In addition to the risk of taking control, another known type of attack is error injection, for example by means of a laser beam, enabling a malicious actor to read data in a specific memory area or to corrupt data.
In order to overcome this type of attack, so-called Memory Protection Units (MPUs) have been developed which carry out a certain number of checks and verify that a particular entity is authorized to write or read data in given areas of the memory. For example, processors, such as microprocessors, can be equipped with a programmable MPU in which areas of the memory space are declared, together with their properties (read-only or read/write access, privileges, type of memory area: shareable, buffer, cache, etc.) and the respective access rights associated with the declared memory areas.
However, MPUs do not for countering all known attacks and, in particular, error injection attacks on the address bus. It may, therefore, be desirable to provide a device with multiple functional entities offering a satisfactory degree of security without requiring a memory protection unit.
It may also be desirable to provide approaches for improving the security of the data in a shared memory, in replacement or in addition to the protections offered by an MPU.